It's a file in the 10-500kB and passwords are read way more often than added.

If it's even tracked as an implementation issue, it probably ranks very low and fixing this requires a lot of care not to screw up things with the safety and feature rollout.